Please search thoroughly for existing issues before filing a new report!

Renewals and Lifetimes

Certificates from Let's Encrypt are valid for 90 days. We recommend renewing them every 60 days to provide a nice margin of error. As a beta participant, you should be prepared to manually renew your certificates at that time. As we get closer to General Availability, we hope to have automatic renewal tested and working on more platforms, but for now, please play it safe and keep track.

Helpful Information

Let's Encrypt maintainence events are posted on https://letsencrypt.status.io/ and Twitter (@letsencrypt_ops). If you need help, both the Let's Encrypt community at https://community.letsencrypt.org/ and #letsencrypt on irc.freenode.org are excellent sources of assistance.

If there are updates for Beta program participants, they will be posted at the community site at:

On behalf of everyone involved in Let's Encrypt, welcome to the future of the encrypted web.

Note: Please do not respond to this email. This is a one-time notification about your acceptance into the Beta Program. You will not receive further emails about our Beta Program unless you send in another application.

* PHP 5.4 has reached end-of-life on 14 Sep 2015 and as a result there
will be no more new upstream releases. The security support of PHP
5.4 in Debian will be best effort only and you are strongly advised
to upgrade to latest stable Debian release that includes PHP 5.6 that
will reach end of security support on 28 Aug 2017.

Has your website been blocked from Facebook or Instagram? Are you interested in getting your domain off the block list? Follow the instructions below.

Good evening guys, I got a contact form request from davidpolanco.com that asked the social networking question:

"Hey David, not sure if you can help me but my website has been blocked from Facebook and Instagram. I am pretty sure it's because of a virus/malware noticed that I received from Google Diagnostics regarding my site. Well anyways I wanted to know if you had any information on how I could remove my website from the block list on Facebook and Instagram, any information regarding this would be greatly appreciated."

Hey there, yes you can unblock your website from Facebook however I am not sure about Instagram, but since Instagram is owned by Facebook I am pretty sure the 2 networks will communicate with each other. Once the virus/malware is removed head over to Facebook's Website or Content Blocked page. I have provided a link below. Filling out this form will notify Facebook and will begin the unblock process of your website. The form is fairly short, however I would be prepared to wait 7 to 10 business days to be delisted as a nefarious site.

In this entry I will go over how to easily configure VirtualBox and assign your linux machine a static ip.

I am using GNU/Linux CentOs 6.5 as my disto. you may be using something like Ubuntu and if so then that is ok. The main focus here is how to allow VirtualBox to communicate through your network interface card. Once that is completed you can configure your linux machine via it's GUI or the CLI.

Let's get started!
1. Open VirtualBox - I am going to assume that you have your distro already installed on VirtualBox.
2. Click on Network or right click on your distro and go to settings and choose Network.
3. Under Adapter 1 - Checkmark to enable adapter
4. Attached to: Choose Bridge Adapter
5. Name: Choose how you are connected to the internet, you will see a list of adapter names. If you are connected via ethernet (cable) chose that one, or if you are connected to the internet via wifi choose that one. (I am connected via en0: Wi-Fi (Air Port)
6. Now click on the down arrow
7. Adapter type: Choose MT Desktop
8. Promiscuous mode: Choose Allow VM's
9. Click Ok
10. Start your VM

Now you will need to configure your network setting on your Linux VM. I won't go into detail, but my commands are like this.

I have been working on a project for a client at work for a couple of months now, and one of the tasks was to rename a large amount (634 pdf files) from one name to another.

I have used many renaming tools before, but none like Advanced Renamer. Advanced Renamer made the task on my Windows Machine so easy, so if you are in need of a truly free renaming tool check out the Advanced Renamer project.

Here are a list of things that I will be doing for the next 2 weeks. Most of this list I do already, but I am going to follow Ben Rodrigue input and do them all.

1. Wake up an hour earlier than you have to.
2. Quiet your mind for 10 minutes.
3. An attitude of gratitude.
4. Write in a Journal.
5. Write a list
6. Exercise
7. Do Affirmations
8. Do something nice
9. Take on a big task
10. Share these ideas with other people

Read more about each one of these on Ben's Blog below, and leave a comment if you have questions or comments.

This entry explains the user] of the lsof command which stands for, List of Open Files...this can be really useful if you would like to see what files are currently running for the instance of a particular user.

When running lsof it is always a good idea to specify what you are actually looking for, simply running lsof will give you a slew of data much of it will not be useful to you, especially if you are trying to stop a command that is you to properly administer your linux system.

If you can remember I created an entry called Lost Disk Space on Linux Due to Stop Command. In which I was backing up some critical web dev files, not realizing that I was going to be running out of disk. Take a look at that entry, it gives resolution along with the proper use of the lsof command when things go wrong.

Here are a couple of lsof commands that you can use that will help you make heads or tales of what process is doing what, at what time, and at what location.

This short entry explains how to create a mount a disk partition in linux. I will show you how to mount a peripheral such as a USB stick, External Drive, or anything else that can be easily remove from your Linux machine. Let’s get started.

What you will need:

Linux operating system

USB stick or external drive

Approximately 5 to 10 mins of time

Basics

Begin by logging into your linux system as su

Su - (this will give you uninterrupted access to run commands)

Navigate to /home/{yourusername} by typing in cd /home/{yourusername}

Create a directory called mount: mkdir mount

Peripherals

Navigate to the dev directory on your linux system: cd /dev

Now we need to list the files in the /dev directory by executing the command: ls

Plug in your usb stick / external drive to your linux system (depending on size this may take a few seconds for the machine to fully recognize your device)

Now type the list command: ls

Do you notice a new device listed? For example mine is called xvdj your’s will be called something different.

Once you have located the name of the device {xvdj} we need to mount it to our /home/{yourusername} directory

Specify a File System
In linux there are many types of file systems, but we will talk about. ext2, ext3, ext4. ext2 is the native file system on your linux machine, if you do not specify ext2 your linux system will default to this. ext3 is much like ext2, but that it allows journaling. Journaling does exactly that, it will log the commands and actions that you do. This will allow you recover a file / directory should it be accidently deleted. (this is in no way to be used as a backup utility) ext4 will allow you to create a file system that is up to: 32TB large and will support a file up to: 2TB big. So now that you no some of the differences, lets specify.

Begin by enter the command, be sure to change {xvdj} to your device name that your system has given it: mkfs -t ext3 /dev/{xvdj} Keep in mind that running this command can either go fast or slow so be patient. Once it completes, your disk volume will now be formatted with the file system: ext3

Optional: You have the ability in the command above to pass the -m {#} flag to change the reserve disk space (this prevents a system crash when the director is full), and the -c flag will add a bad block check, which means every sector on the partition of the device will be checked to see if it can be trusted to reliability hold data. (good for old drives)

Mounting

Navigate back to our /home/{username} by typing cd /home/{yourusername}

You will notice if you run the ls command that our mount directory is here. So what we are going to do is mount our /dev/{xvdj} to /home/{username}/mount this will give us the ability to see our devices content in our users mount directory.

To mount the device we will enter: mount /dev/{xvdj} /home/{yourusername}/mount now hit enter.

If you received an error stating: mount: you must specify the file system type. Then go back to Specify a File Systems in the list above.

You're done! You have now mounted a device to your linux file system.

Unmounting
If you wish to unmount the device/peripheral from your linux system enter the following command.

umount /home/{yourusername}/mount (be sure that you are not in the directory when running this, or the device is not running a process when executing the command) If it is you will get an error that says: umount: /home/{yourusername}/mount: device is busy

Notice
Just a heads up that mounting a device in this manner will disconnect upon reboot...see my next post on how to prevent that from happening.

I was sure why this was outside of the obvious permission denied, but my focus was on the filesystem size part of this error. Why was it taking so long to determine the filesystem size I thought?

Well, it does NOT have to do with the file system size of the device, but it on the first two words of the error. Permission denied. I solved this problem by not being an end user with no permissions to the system, I became a super user by executing su -. I then tried my command again:

Make File System ext3 on Device
mkfs -t ext3 /dev/xvdj

Success! The out was:

My lesson learned here was not to assume always that you have access to everything. You are not always a super user and you should never run as root in production.

If you have never used Fail2Ban on your Linux distro. I would greatly recommended it, especially if you seeing a lot of traffic trying to brute force your standard SSH connection.

Good practice:
1. Do not SSH on port 22
2. Do not use root
3. Disable root

But this entry is not on good practices on SSH connections, but rather how to remove a ban that Fail2Ban may have done to block you, a client, or a connection that was not intended to be blocked.

Begin by doing the following:
1. iptables -L (Do you see your ip in this list?)
2. iptables -D fail2ban-ssh -s xxx.xxx.xxx.xxx -j DROP
3. Where you see xxx.xxx.xxx.xxx add the IP that is banned.
4. Now verify that your IP is no longer in the list: iptables -L

That's it! Your IP should now be removed! To prevent this from happening again, navigate to the follow path and add your IP address to the safe list:

1. cd /etc/fail2ban
2. vi fail.conf
3. Now locate: # "ignoreip" can be an IP address, a CIDR mask or a DNS host
4. Add your IP address to this list
5. Now save with a :x

This entry explains how to extract Adobe Flash PDF file to a common Adobe PDF file that does not have flash.

If you have come across this issues, it may be due to a notification that states that Adobe Flash is required to open this Adobe PDF file. Well naturally your thinking a potential virus or malware infection right? Well you should, but I won't get into that.

So if you do receive a message that states that you need to upgrade your version of Acrobat to view the Adobe Flash PDF I would like you to do the following steps, to avoid having to upgrade.

1. Begin by opening the Adobe PDF file.
2. Highlight ALL documents by pressing CTRL+A
3. Go to: File > Extract from Portfolio
4. Now fine a destination to save the files.
5. Once done, hit ok and the files will begin converting to PDF (with NO flash)

This will save you a call to your IT help desk, and prevent others from having to upgrade they're Acrobat / PDF Readers.

This afternoon I purchased myself a Cisco ASA 5505 (EOL) for my home network. My quest is to become a proficient system administrator, and perhaps one day a full stack admin...so I figured it would be a good idea to get some of the gear.

Now then, I have worked on the Cisco ASA 5510 & 5505, but the changes that I have made to it we're fairly easy to do. Open ports, edit ip addressing, and manage traffic But there is so much more to the ASA that I am interested in knowing so I figured I would jump in feet first by screwing up my own network and not someone elses. Here is a little background on the purchase.

This is a new type of entry, much like my Linux postings that I have recently been doing, but in these blogs I will be posting about things that made me uncomfortable, but I did them anyways. Success's & failures.

Well most of you know me as a web developer, but I do other things than web dev. In this past year I have taken myself outside of my comfort level and broaden my knowledge in other areas.

"If it scares you, you should probably do it."

This week I was asked to open a specific port on an Cisco ASA 5510, and also configure a Windows Server to adhere to that port on the ASA. I am unable to get into specifics but I can tell you that this was outside of my scope, but I welcomed it.

Success
That day (Thursday) I successfully con figured the server to listen to the non-traditional port and also configured the router allow the broadcasting of it. After a reboot of the server and an outside internet connection I was able to establish a connection. SUCCESS!

Issues
The next day I received notice that certain users were not able to connect to certain shares on the server. To top it off one of them was in a upper level position. EEK!

Solution
After finding the issue, and finding the solution I relayed my concerns to my sysadmin and he was able to get the disk share re-established. At which point I simply remapped my end users on the client ends. (not all had to be remapped)

I guess in the end, the configuration issues that I made to the Cisco ASA 5510 (router) and the reboot of the server was not my doing, but the fact that I was able to get the connection re-established was.

I embrace change, tasks like this regurgitate me. In the mean time I plan on continuing my knowledge with the ASA and seek other tasks as received. It is in my hopes to one day be a full stack administrator, in the mean time...let's all get out of our comfort level, and do something that scares us.